Field of the Invention
The present invention relates to an image processing apparatus, an authentication method therefor, and a computer-readable storage medium storing a program for implementing the authentication method, and in particular to a technique for authenticating a plurality of users who uses a plurality of functions which an image processing apparatus has.
Description of the Related Art
Image processing apparatuses such as MFPs (Multifunction Peripherals) have a plurality of applications such as copy, print, and scan and send so as to realize a plurality of functions such as copying, printing, and sending of scanned-in images. Many image processing apparatuses are shared by a plurality of users and thus have a user authentication function from a security standpoint. With this user authentication function, users can be identified to carry out access control and personalization control on a user-by-user basis.
Exemplary access control on a user-by-user basis sets authorities to use an image processing apparatus (such as enabling and disabling of color copying) for an administrator and a general user and limits available functions according to the set authorities. For user authentication used for the purpose of access control, there are an authentication method using user IDs ad passwords and a strict authentication method using IC cards and/or biological information so as to prevent spoofing.
On the other hand, exemplary personalizing control displays functions which an authenticated user frequently uses, or displays only jobs of an authenticated user among print jobs retained in an image processing apparatus and prompts a user to make a choice. This function is referred to as a personalizing function or personalization.
There is also a technique in which according to a security level associated with an application selected from a plurality of applications, it is determined whether or not authentication is required so as to use the application, and when authentication is necessary, user authentication is performed (see Japanese Laid-Open Patent Publication (Kokai) No. 2006-172398). For example, an application having a copy function is configured to require no user authentication so that all users can use the application, whereas an application having a function of sending scanned-in images is configured to require user authentication from a security standpoint.
There is also a technique in which there is a plurality of input means for inputting user information, and whether or not to execute a job is determined according to user information input using the input means (see Japanese Laid-Open Patent Publication (Kokai) No. 2009-44764).
In the personalizing control described above, when the strict authentication method is used, time-consuming operations are required so as to perform user authentication. It is thus desirable to, for an application that does not require security and can be personalized, use a simple authentication method intended to identify users.
There is, however, an application that can be personalized and requires security. Examples of the application include those having characteristics below.                When a general user uses an application, the application can be personalized and used by everyone, but changing of settings on the application is disabled.        When an administrator uses an application, the application can be personalized and used by everyone, and changing of settings on the application is enabled.        
If strict user authentication is required to use applications having the above characteristics, strict user authentication must be performed for even a general user who is inhibited from changing settings on the applications, and hence time-consuming operations are needed, which is troublesome. On the other hand, if the simple authentication method is used for an administrator as well as for the above applications, this will present a problem from a security standpoint.